CredHub Release provides a BOSH Release for CredHub.
See additional repos for more info:
- credhub : CredHub server code
- credhub-cli : command line interface for credhub
- credhub-acceptance-tests : integration tests written in Go.
This repository includes code to create a BOSH release of CredHub. Releases based on this repository are created and posted automatically to bosh.io for deployment.
Adding CredHub to an existing deployment manifest can be done by simply adding the release and its appropriate job configurations. Complete sample manifests can be found here.
releases:
- name: credhub
url: https://bosh.io/d/github.com/pivotal-cf/credhub-release?v=1.5.0
version: 1.5.0
sha1: f965d47c261c9c554399ea02cf7ab343b7b7f843
CredHub issues frequent minor releases containing new features. If you wish to receive the latest new features, the most recent release should be used. If you choose to use the latest release line, you must update to a subsequent patch or minor release - which may contain new features - to receive security patches and bug fixes.
If you wish to use a stable version with a less frequent feature release cycle, you may use a long term support version. LTS versions are patched for security vulnerabilities and bugs, but do not contain new features. New LTS versions are released quarterly. Patches are issued for LTS versions for 9 months following release (current–2 structure).
Current long term support versions
| Version | Released | Latest Patch | End of Patch Releases |
|---|---|---|---|
| 1.0.x | Jun-15-2017 | 1.0.8 | Mar-15-2018 |
| 1.3.x | Aug-23-2017 | 1.3.4 | Jun-15-2018 |
We strongly encourage people to report security vulnerabilities privately to our security team before disclosing them in a public forum.
Please note that the e-mail address below should only be used for reporting undisclosed security vulnerabilities in Pivotal products and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other security-related queries at this address.
The e-mail address to use to contact the Pivotal Application Security Team is security@pivotal.io.
Our public PGP key can be obtained from a public key server such as pgp.mit.edu. Its fingerprint is: 16F6 51BF 4637 F486 C5E2 4635 19BB 5184 0191 92ED. More information can be found at pivotal.io/security.
To manually update a local repo, use
$ ./scripts/updateto ensure that the latest code has been pulled into the submodule.
$ ./spec/run_tests.sh$ bosh create-release --name credhub --version test --tarball ./credhub-test.tgz